Best practices - Amazon CloudWatch Logs
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Best practices

Follow these best practices to ensure reliable and efficient scheduled query operations:

Query optimization

  • Test queries manually before scheduling to verify performance and results

  • Use filter indexes early in your query to reduce data processing

  • Limit time ranges to avoid timeouts with high-volume log groups

  • Consider query complexity and execution time limits

Schedule planning

  • Avoid overlapping executions by ensuring queries complete before the next scheduled run

  • Consider log ingestion delays when setting time ranges

  • Use cron expressions for specific times

  • Spread out the schedules to ensure you do not hit query concurrency limit

Monitoring and maintenance

  • Monitor execution history regularly to identify failures or performance issues

  • Review and update IAM roles periodically to maintain security

  • Test destination accessibility before deploying to production

Authorization

  • All the APIs for scheduled query authorize on the scheduled query resource and not on the resources it takes in the input like log groups. Set up IAM policies accordingly

  • Manage authorization of log groups using the execution role passed in the APIs